Yiwei Lu

I am a fourth year Ph.D. student in the David R. Cheriton School of Computer Science at the University of Waterloo, where I am supervised by Prof. Yaoliang Yu and Prof. Sun Sun. I am also a student affiliate of the Vector Instituite.

Previously, I have completed my M.Sc. in Computer Science at the University of Manitoba, where I was advised by Prof. Yang Wang. I did my bachelors at the University of Electronic Science and Technology of China. I was also an exchange student at UC Santa Barbara.

Email  /  CV  /  Google Scholar  /  Github  /  LinkedIn

  New! April 2024: New paper on arXiv: Disguised Copyright Infringement of Latent Diffusion Models.
  New! Feb 2024: One paper accepted to SaTML 2024 (presented on April 11th).
  New! Jan 2024: I am a winner of the Cheriton Scholarship.
  New! Dec 2023: I am selected as a top reviewer in NeurIPS 2023.
  Oct 2023:One paper accepted to NeurIPS 2023.
  Oct 2023:One paper accepted to TMLR.
  May 2023: One paper accepted to ICML 2023.
  Dec 2022: One paper accepted to TMLR.
  Feb 2022: I am joining Huawei Noah's Ark Lab in Montreal as an Intern.
  January 2021: I am joining National Research Council of Canada as an Intern
  August 2020: I am joining University of Waterloo and Vector Instituite as a Ph.D. student

I'm interested in trustworthy machine learning, especially how external training data affect ML models' performance and robustness, i.e., the influence of data poisoning attacks (in the form of malicious external data) and beyond (e.g., in the form of disguised copyrighted material).

We reveal the threat of disguised copyright infringment of latent diffusion models, where one constructs a disguise that looks drastically different from the copyrighted sample yet still induces the effect of training Latent Diffusion Models on it.

We study indiscriminate data poisoning attacks against pre-trained feature extractors for fine-tuning and transfer learning tasks and propose feature targeted attacks to address optimization difficulty under constraints.

We propose forward backward proximal quantizers for understanding approximate gradients in neural network quantization and provide a a new tool for designing new algorithms.

We propose a general and novel loss function on contrastive learning based on f-mutual information. Additionally, we propose a f-Gaussain similarity funcntion with better interpretability and empirical performance.

We propose CM-GAN by combining the main strengths of diffusions and GANs while mitigating their major drawbacks.

We find (1) existing indiscriminate attacks are not well-designed (or optimized), and we reduce the performance gap with a new attack; (2) there exists some intrinsic barriers of data poisoning attacks, namely that when the poisoning fraction is smaller than a (easy to calculate) threshold, no attack succeeds.

We find that neural networks are surprisingly hard to (indiscriminate) poison and give better attacks.

We propose a general and novel loss function on contrastive learning based on f-mutual information.

We propose a new problem called unlabeled scene adaptive crowd counting.

We propose a more realistic problem setting for anomaly detection in surveillance videos and solve it using a meta-learning based algorithm.

We propose a structure learning framework that retains the pairwise similarities between the data points.

We propose a novel sequential generative model based on variational autoencoder (VAE) for future frame prediction with convolutional LSTM (ConvLSTM).

We propose a novel similarity learning framework by minimizing the reconstruction error of kernel matrices, rather than the reconstruction error of original data adopted by existing work.

We propose a ConvLSTM-based model to perform semantic segmentation on compressed videos directly. This significantly speed up the training and test speed.

Anomaly Detection in Surveillance Videos using Deep Learning - Yiwei Lu, M.Sc.thesis, Department of Computer Science, University of Manitoba, June 2020.

Credits to Jon Barron for the website design.